Microsoft Builds a Digital “Monkey” to Hunt Fraudulent Ads

Microsoft Builds a Digital “Monkey” to Hunt Fraudulent Ads

Why It Matters

Almost half of all clicks on ads in apps are inadvertent.

Ads on mobile apps generate more than $8 billion in annual revenue for app developers. With so much money at stake, various ways to game the system have arisen. One fraudulent method is to write malicious code to generate false clicks (see “A Web Scam That Makes $500,000 a Month”). A more insidious approach is to simply make it easy for users to hit ads through “placement fraud.” Developers can make ads too small to stand out, too close to a game button, or even invisible.

Now researchers at Microsoft and the University of Southern California have come up with what they say is the first publicly disclosed technology for detecting and countering placement fraud at a large scale. They’ve built what they call a digital “monkey” to hop between millions of app screens to see whether designs violate an app store’s terms of use.

When the technology was deployed on 50,000 Windows Phone apps, it uncovered more than 1,000 that had ad placements that violated the terms of use; of 1,200 Windows 8 tablet apps, it found more than 50 with problems. The work, done in April 2013, is the subject of a paper being aired next week at the Usenix conference in Seattle.

With millions of apps for sale, it’s infeasible for humans to do a visual inspection. That’s one reason why most research attention has been focused on the problem of click fraud, in which automated programs called bots click ads.

Microsoft’s new tool systematically reviews apps in an app store, launches an app in an emulator, and then interacts with that app and attempts to go through as much of it as it can. If the monkey encounters a button, it clicks on it. If it encounters a text box, it tries to continue by determining what is being sought and entering something, such as a zip code. “The goal of the monkey is to go to as many pages in the app as possible,” says Suman Nath, a senior researcher at Microsoft.

One of the sneaky gambits Microsoft’s monkey rooted out was inside an app for playing mah-jongg, the Chinese tile game. A vertical advertising bar on the right side of the screen was filled with tiles that looked like the tiles used in the game itself. “The user will believe this is an ad-free app,” Nath says.

Other app authors shrunk ads to fit a given game layout, unaware of or flouting the fact that the app store’s terms of use disallow ads that are smaller than a certain size.

Xuxian Jiang, a computer scientist at North Carolina State University and an expert in mobile security, says the work was novel. Even though it can’t detect whether the bad ad placement was intentional, “it is a good start,” he says.